ENP Profiles: Juniper Moves to Confront Cisco

The name Cisco is almost synonymous with routers – you could be forgiven for thinking that Cisco was the only game in town. But for the last six years Sunnyvale CA-based Juniper Networks has been demanding attention with an ever increasing portfolio of very high capacity, carrier-grade routers. In the third quarter of 2004 the company grabbed 36% of the worldwide core router market, according to Infonetics, a San Jose, CA-based research house.

Juniper hopes its reputation for providing fast and reliable carrier-grade equipment will hold it in good stead the enterprise market, but it faces quite a challenge: Cisco

Recently, Juniper has begun to introduce lower capacity devices to cater to the needs of ISPs, data centers, large corporations and government organizations, and even small branch offices and remote sites. In the past Juniper has avoided moving into direct confrontation with Cisco in the enterprise marketplace, but appears to have changed strategy because at the moment, to quote bank robber Willy Sutton, "that's where the money is." The enterprise router market is worth about $5bn according to Framingham, MA-based research house IDC. Juniper hopes its reputation for providing fast and reliable carrier-grade equipment will hold it in good stead the enterprise market, but it faces quite a challenge: Cisco is extremely well received in this market segment – noone ever got fired for buying a Cisco router.

Juniper's M7i and M10i devices are aimed at larger sites – corporate head offices and data centers as well as ISPs which might need a capacity of up to 10Gbps, while the new J-series machines, introduced in June of last year, are aimed squarely at the smallest sites - regional offices, remote sites, and buildings which might have nothing more than a 64kbps leased line connection.

* The spec sheet for the Juniper J-series is available as a 163kb PDF.
** The spec sheet for the Juniper M-Series is available as a 259kb PDF.

JUNOS operating system

At the heart of Juniper's routers is the company's JUNOS operating system, and what's interesting about JUNOS is that - apart from its E-Series broadband aggregation devices - it really is the same piece of software, running in all the routers. (In fact, the low end J-series routers run a subset of JUNOS)

This is important because it means that the commands required to configure any Juniper router are the same. It also means that once configured, it's possible to output a configuration file and feed that in to another model to configure it in exactly the same way. From an administration point of view this is extremely convenient. It also makes it much easier to choose an appropriate Juniper router. Since the feature set is essentially identical for all routers, choosing a router comes down to choosing what throughput capacity is likely to be required.

Modular software

But perhaps the most important feature is JUNOS's modularity – the fact that it splits the router's job into three parts, which all run independently of each other:

Packet forwarding engine – a simple job that needs to be done quickly, the code for packet forwarding is hard-coded into an application specific integrated circuit (ASIC) or, on the J-series, on a software-emulated ASIC running on an Intel chip

Routing engine – the routing engine produces the routing table used by the forwarding engine, and this complex task is carried out in a JUNOS software module running on Intel silicon.

Service plane – some services such as firewalling are built into the forwarding ASIC, and some more specialist services such as IPSec are either carried out on a separate ASIC module or, on the J-series, on an emulated ASIC.

The benefit of the modular approach is that all parts of the router are able to work at full capacity without impacting on the performance of the other parts, according to Ben Ellis, head of product and solution marketing at Juniper. "In some legacy routers, if you throw lots of traffic at it, it loses routing info. Or, put the other way, if you try to update the routing then the router drops packets. This doesn't happen on Juniper devices. When you turn on a feature, you don't slow the network or drop packets. There's nothing that can't run at line speed – even packet monitoring."

Since packet forwarding is carried out by code hardwired on an ASIC, this also means that even if the routing engine software module crashes, the router can continue to forward data packets using the most recent version of the routing table, until the routing engine comes back online. "There can be a complete failure of the routing engine but forwarding doesn't stop," Ellis said.

Uphill struggle

The company is likely to find it hard to gain any significant market share in the enterprise market in the near term, according to Matthias Machowinski, research analyst at Infonetics. "The enterprise is simply not familiar with Juniper, and Cisco has a stranglehold on that market at present," he said.

But there is some hope, Machowinski believes, especially thanks to the company's purchase of security appliance company NetScreen Technologies – one of the largest IPSec VPN vendors - for about $3.4 billion in the second quarter of this year. "Buyers are focussing on security, integrated firewalls, VPN, things like that, and it's likely that NetScreen devices will be bundled with Juniper's enterprise products in the near future. The NetScreen acquisition should allow Juniper to add some value."

Peter Hulleman, senior research analyst at IDC, believes the company will have to make further acquisitions. "At the moment, to be honest, if you are an enterprise buyer you don't really look at Juniper," he said. "You need a channel to sell enterprise routers. Juniper can make products, but how will they sell them to end users? I would question how many they can sell through the NetScreen channel, so I would expect them to make some acquisitions in the LAN switch space. It could be 2 – 3 years before Juniper make an impact in this market."